Senior Dfir Consultant

This role identifies and develops the security solutions for clients using company products, outsourced technology solutions and technical tools, as well as consults with clients regarding secure product configuration, deployment, and security patches to minimize security vulnerabilities.

In addition, this role provides comprehensive scanning, penetration testing, vulnerability assessments, monitoring services and source code analysis and delivers detailed results to clients. This role guides and supports clients in the development and implementation of product security controls.

Having this role within the region is crucial for:
Rapid Incident Response: Ensuring timely and effective response to cyber incidents to minimize damage and recovery time.
Regulatory Compliance: Assisting organizations in meeting nuanced regional cybersecurity regulations and standards.
Training and Awareness: Part of the DFIR offering packing is IR Gap Assessment and Training. Having someone in the region allows the work to be done during the client’s business hours.
Presales Support: All of our Consultants work directly with regional sales teams to help drive growth.

**Key Responsibilities**:

- Proactively reacts to security breaches to mitigate immediate and potential threats.
- Uses mitigation, preparedness, response and recovery approaches to minimize business disruptions and commercial consequences.
- Supports investigation and analysis response activities and evaluate the effectiveness of and improvements to existing practices.
- Conducts regular threat and vulnerability assessments and determine deviations from acceptable configurations or policies.
- Assesses the level of risk and support the development of appropriate mitigation countermeasures in operational and non-operational situations.
- Collects, processes, preserves, analyzes, and presents digital-related evidence to support network vulnerability mitigation and/or civil, workplace, counterintelligence, or law enforcement (e.g., criminal, fraud) investigations.
- Applies tactics, techniques, and procedures to a full range of tools and processes related to administrative, criminal, and counterintelligence gathering (e.g., in-depth case analyses, continuous monitoring, malware analysis, clear documentation).
- Proactively searches through our critical infrastructure, systems and networks to detect and isolate advanced threats that may cause harm to our organization.
- Uses both manual approaches and automated tools to identify, analyze, and report events and support the development of countermeasures to proactively protect against these threats in the future.

**Knowledge and Attributes**:

- Excellent knowledge of cybersecurity principles, risk management, compliance standards, and advanced security technologies.
- Good knowledge of the technology industry, including trends, emerging technologies, and their potential impact on cybersecurity.
- Solid understanding of security risks and preventative controls.
- excellent understanding of security operational processes and controls.
- Service consulting aptitude, focusing on the business, service and sales aspects.
- Excellent verbal and written communication skills.
- Demonstrate impeccable attention to detail are able to translate internal customer requirements into solutions.
- Maintain up-to-date knowledge of security threats, countermeasures, security tools, and network technologies.
- High level of drive and ability to work under pressure.
- Ability to build and maintain cross-functional relationships with a variety of stakeholders.
- Understanding of relevant laws, regulations, and compliance frameworks affecting the technology sector.
- Good ability to assess and manage cybersecurity risks at both organizational and project levels.
- Good knowledge of security frameworks and standards like NIST, ISO/IEC 27001, CIS, etc.

**Academic Qualifications and Certifications**:

- Bachelor's degree or equivalent in Information Technology or Computer Science or Engineering or related field.
- Industry relevant certifications such as GCIH, GCFA, CISSP, CISM, CEH, GSEC or CompTIA Security+ essential.

**Required Experience**:

- Advanced level of experience in the Information Technology Security Industry or relevant experience in similar role within a related environment.
- Advanced experience with security architecture design principles.
- Advanced experience with industry compliance and standards such as ISO 27000, PCI DSS, NIST, HIPAA or others.
- Advanced experience with security tools and techniques to cover SANS Top 25, OWASP or others.
- Advanced experience working in a multi-team environment across multiple geographies.